← volver
CVE-2014-6027

CVE-2014-6027

EPSS 1.2%
Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 allow (1) remote attackers to inject arbitrary web script or HTML by leveraging failure to encode file contents when downloading a torrent file or (2) remote authenticated users to inject arbitrary web script or HTML via vectors involving a link to torrent details.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759574http://www.openwall.com/lists/oss-security/2014/09/02/3http://www.securitytracker.com/id/1030791